CVE-2010-2632
First published: Wed Jan 19 2011(Updated: )
Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun SunOS | =5.8 | |
| Sun SunOS | =5.10 | |
| Sun SunOS | =5.9 | |
| Sun SunOS | =5.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
- http://www.vupen.com/english/advisories/2011/0151
- http://secunia.com/advisories/42984
- http://www.securitytracker.com/id?1024975
- http://secunia.com/advisories/43433
- https://support.avaya.com/css/P8/documents/100127892
- http://securityreason.com/achievement_securityalert/89
- http://securityreason.com/achievement_securityalert/97
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598
- http://secunia.com/advisories/55212
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64798
Frequently Asked Questions
What is the severity of CVE-2010-2632?
The severity of CVE-2010-2632 is considered high due to its potential impact on system availability.
How do I fix CVE-2010-2632?
To fix CVE-2010-2632, apply the latest security patches provided by Oracle for affected Solaris versions.
Which versions of Solaris are affected by CVE-2010-2632?
CVE-2010-2632 affects Solaris 8, 9, 10, and 11 Express.
Can CVE-2010-2632 be exploited remotely?
Yes, CVE-2010-2632 can be exploited by remote attackers, potentially affecting system availability.
What type of vulnerability is CVE-2010-2632?
CVE-2010-2632 is an unspecified vulnerability in the FTP Server of Oracle Solaris.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- agent/source
- vendor/sun
- canonical/sun sunos
- version/sun sunos/5.8
- version/sun sunos/5.10
- version/sun sunos/5.9
- version/sun sunos/5.11